A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with ...

The popular Nx build system, boasting 4 million downloads each week, was exploited in the first supply chain breach to use AI assistants.

Nx supply chain attack on Aug 26, 2025 leaked 2,349 secrets via npm packages, risking GitHub and cloud accounts.

On August 26, 2025, Nx, the popular build platform with millions of weekly downloads, was compromised with ...

CISA urges federal agencies to immediately patch an exploited arbitrary file write vulnerability in Git that leads to remote ...

Runloop, the only enterprise-grade infrastructure platform that enables the development, evaluation and scalable deployment of AI coding agents, today announced the launch of Repository Connect. This ...

Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack.

Private and deleted GitHub repositories are not as secure as users might assume. Data from deleted forks, deleted repositories, and private repositories can still be accessed, often indefinitely.

GitHub renamed the master branch to main for any Git repository, as it addresses cultural change like so many organizations that have nixed master-slave terminology in a time of social unrest.